Android data stealing secrets and hacks

amit08255 By amit08255, 6th Apr 2014 | Follow this author | RSS Feed | Short URL http://nut.bz/13cmxs_e/
Posted in Wikinut>Reviews>Technology>Software

Android is most popular mobile platform, but just like other softwares, it also has several vulnerabilities.
In this article we will discuss how hackers steal data from android devices.

Android data stealing

Data stealing attack can be performed remotely on android devices.
Attackers can use PHP scripts along with javascript to steal data stored on SD card.
When victim will visit on that webpage attacker will get access to victim's data.
However, the entire process does not occur completely in the background.
But this vulnerability affects android 2.2 and previous versions which means wide range of android devices can be hacked easily.
Below we will discuss steps to exploit android data stealing vulnerability:---

1. Create a PHP file using source code of exploit from- securityfocus.com

2. Now modify filename's variable with the files that are going to be extracted.
Example- to hack private.txt from SD card we will use code:--
$filenames= array("/sdcard/private.txt");

3. Now upload your PHP script on any web hosting service.
Visit here to know more about PHP hosting.

4. Now go to Android send link of your PHP script to victim and make sure victim visit link
then payload will be downloaded in victim's device and the browser will be redirected to the
javascript payload and once finish execution victim's data will be uploaded to web hosting
server then you can access victim's data.

Now let's talk about protection from this vulnerability:--

1. Download latest android version for your device.
2. Install antivirus on your device. I will recommend AVG antivirus.
3. Disable javascript in web browser when you don't need it.
4. or, you can use third party browser like opera or firefox to prevent yourself from data theft.

PLEASE SHARE US YOUR COMMENTS AND REVIEWS.
VISIT HERE FOR MORE SECURITY TIPS AND EBOOKS.

moderator Steve Kinsman moderated this page.
If you have any complaints about this content, please let us know

Comments

Add a comment
Username
Can't login?
Password